[xmlsec] Looking for programmer

Mon, 30 Oct 2006 14:28:01 -0800

Hoping to get help with this. I am not C programmer, nor experienced with advanced XML.
I can take xml test file from vendor and sign/verify using my own test key/cert, but when I try to 
verify XML signed by the vendor, I am getting the following error:
func=xmlSecXPathDataExecute:file=xpath.c:line=273:obj=unknown:subj=xmlXPtrEval:error=5:libxml2 library function failed:expr=xpointer(id('Body')) func=xmlSecXPathDataListExecute:file=xpath.c:line=356:obj=unknown:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed: func=xmlSecTransformXPathExecute:file=xpath.c:line=466:obj=xpointer:subj=xmlSecXPathDataExecute:error=1:xmlsec library function failed: func=xmlSecTransformDefaultPushXml:file=transforms.c:line=2371:obj=xpointer:subj=xmlSecTransformExecute:error=1:xmlsec library function failed: func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1207:obj=unknown:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed:transform=xpointer func=xmlSecTransformCtxExecute:file=transforms.c:line=1267:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigReferenceCtxProcessNode:file=xmldsig.c:line=1571:obj=unknown:subj=xmlSecTransformCtxExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignedInfoNode:file=xmldsig.c:line=804:obj=unknown:subj=xmlSecDSigReferenceCtxProcessNode:error=1:xmlsec library function failed:node=Reference func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=547:obj=unknown:subj=xmlSecDSigCtxProcessSignedInfoNode:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed: 
Error: signature verify

Unsigned XML:

<?xml version="1.0" encoding="UTF-8"?>
<B:Envelope xmlns:B="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:A="http://www.routeone.com/namespace.messaging.diag#"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> <SOAP:Header xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12";></SOAP:Header> <B:Body id="Body" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12";> 
   <A:Diagnostic>
     <A:DiagnosticMessage>
       <A:RequestMessage>100027</A:RequestMessage>
     </A:DiagnosticMessage>
   <A:SourceIdentifier>VendorTest</A:SourceIdentifier>
   </A:Diagnostic>
 </B:Body>
</B:Envelope>


Signed XML:

<?xml version="1.0" encoding="UTF-8"?>
<B:Envelope xmlns:B="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:A="http://www.routeone.com/namespace.messaging.diag#"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> <SOAP:Header xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12"; xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/";> 
 <SOAP-SEC:Signature SOAP:mustUnderstand="1">
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"; xmlns:C="http://www.routeone.com/namespace.messaging.CreditApplication#"; xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext";> 
   <SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
     <Reference URI="#Body">
       <Transforms>
         <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
       </Transforms>
       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
       <DigestValue>niQfM6RR1CP+V1Puf9FlaXRNcFQ=</DigestValue>
     </Reference>
   </SignedInfo>
   <SignatureValue>***SNIPPED***</SignatureValue>
     <KeyInfo>
       <X509Data>
         <X509Certificate/>
         <X509IssuerSerial>
           <X509IssuerName>***SNIPPED***</X509IssuerName>
           <X509SerialNumber>***SNIPPED***</X509SerialNumber>
         </X509IssuerSerial>
       </X509Data>
     </KeyInfo>
   </Signature>
 </SOAP-SEC:Signature>
 </SOAP:Header>
<B:Body id="Body" xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12"; xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/";> 
   <A:Diagnostic>
     <A:DiagnosticMessage>
       <A:RequestMessage>100027</A:RequestMessage>
     </A:DiagnosticMessage>
     <A:SourceIdentifier>Vendor</A:SourceIdentifier>
   </A:Diagnostic>
 </B:Body>
</B:Envelope>
If anyone can help or would like to do some contract work on my project, please let me know. 

Thanks!

Chris M
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to